Share via


C6327

warning C6327: Potential buffer overrun: SysAllocStringLen copies <number> characters from the string <variable> without validating the number of characters to copy. The code may crash

This warning indicates a potential buffer overrun. SysAllocStringLen allocates a string and then copies the specified number of characters from the specified string. Because SysAllocStringLen does not validate the number of characters to copy, if the number of characters specified is larger than the number of characters in the string, the code might crash. You must pass correct number of characters to the SysAllocString function to avoid buffer overrun.

Example

The following sample code generates this warning:

#include <windows.h>

void f ()
{
  BSTR bstr;
  bstr = SysAllocStringLen(L"txt", 5); // warning 6327
  // code...
  SysFreeString(bstr);
}

To correct this warning, pass the correct string length as shown in the following code:

#include <windows.h>
void f()
{
  BSTR bstr;
  wchar_t *greeting=L"Hello, World!";
  
  bstr = SysAllocStringLen(greeting, sizeof(greeting));
  // code...
  SysFreeString(bstr);
} 

See Also

Reference

sizeof Operator

sizeof Operator (C)